'This is no longer just an IT project. It is forcing people to make business decisions on how their organization will run today and years down the road.'

'Larry Gross

'A large part of what OMB is trying to do with this initiative is to force us to think horizontally, versus stovepipe. And I think that's a huge driver for where we need to go as a country.'

'Tarrazzia Martin

Panel breaks down the fundamentals, and payoffs, of Lines of Business

Agency CIOs face a broad array of issues and concerns in adapting the Office of Management and Budget's Lines-of-Business initiatives into their enterprise architectures. The Association for Federal Information Resources Management and GCN last month hosted a roundtable discussion to discuss those issues. The 10 participants generally agreed that Lines of Business make sense, while acknowledging that a lot of challenges remain. Among them, the initiatives:

help streamline redundant processes and policies, not just IT systems

focus agencies, as some companies do, on core missions rather than acillary activities

still require a mechanism to address poor performance and give agencies the ability to move to new providers

What follows is an abbreviated version of the discussion. To read more, go to /www.gcn.com and enter 428 into the GCN.com/search box.Tom Temin, editor in chief for GCN and Washington Technology, moderated the discussion.

TEMIN: There is not a lot known about how Lines of Business will be accepted. What's your perspective on where we actually stand with picking Lines-of-Business Centers of Excellence and moving toward them?

ROE: One of the greatest challenges for us'I say 'us' meaning the federal community'has been looking at the volume and trying to figure out to what extent there is wheat and chaff as it relates to an individual agency's mission.

There is a large number of Quicksilver initiatives. Look at E-Payroll; that is a great success story. We have a lot of movement on E-Authentication. E-Travel, there are a lot of things.

At the same time, we have to look at the reconciliation with the existing initiatives. Case management is something that is a natural for us at the Department of Justice. However, we had a previous financial management system investment.

And there was a lot of back and forth on, 'Well, are we going to shut this down and go with another program?' You have to balance your parochial departmental interests with the larger federal picture.

GROSS: I think one of the things that Price brings up is that this is no longer just an IT project. It is forcing people to make business decisions on how their organization will run today and years down the road.

MARTIN: I think there are a lot of world drivers that are pushing us toward this goal. For example, 9/11, I think, was a wake-up call for all of us. But when you look horizontally across the government, there is a need to share data.

But at [the Homeland Security Department], our big challenge is to share the same data about the people that may have an effect on our nation's safety. And I think a large part of what drives case management is how we will share that data. We call it identity management. Who is in the country? What are they doing? What is their status, etc.?

So I think a large part of what OMB is trying to do with this initiative is to force us to think horizontally, versus stovepipe. And I think that's a huge driver for where we need to go as a country.

SINDELAR: You know, the government tends to sacrifice the long term for the short term. And what we are trying to do now is take the long-term outlook and build a shared-service environment, starting with the 24 e-Gov initiatives and moving towards the Line-of-Business effort. I would say that the real driving force, the technical driver behind this, is through the enterprise architecture.

And Larry is exactly right that this is not about IT. This is about business transformation, how the government does business. It's been a long haul to get the chief financial officers' community involved, the acquisition officers involved in this as much as the CIOs because, in fact, they all have to be at the table.HAVEKOST: But the realization that people need to have is that 'systems' embody processes and embody policies. And if we have hundreds of systems in the same business area, we have embodied processes and embodied policies slightly different hundreds of times.

And that's not a good way to do business, and that's not a particularly transparent way to do business. But the Lines of Business give us a way to have systems that embody process and policy a fewer number of times across the government. It makes the process more transparent.

SINDELAR: In the Lines-of-Business effort, the goal is to alleviate the requirements for every agency to stand up their own financial management system, their own HR system, and the business processes related to that over time, and allow the agencies to focus on their mission.

CURETON: I think of the Jack Welch model at General Electric Co. What is the business of GE? What is their main business? What should they get out of? And I think this makes a very sensible way for departments to focus on what their missions are and to divest themselves from some of the ancillary but very important activities that support the mission.

TEMIN: I just want to follow up on duplication and the possibility of the policies and processes being slightly different on all of those systems. Should every agency have the same policies and processes?

And if not, then do the LOB service providers simply become time-share operations running everybody's applications? Does that make sense?

HAVEKOST: I'll jump in there. That's a very reasonable discussion in this space. There are a lot of processes that people perceive as policies just because they've been the process for so long. It compels us to take a look at these things and say, 'Are these real? Or are these just vestiges of how we've done business for so long?'

Are we in such a rut that we can't see that there may be a more common, a more standardized way of doing business that gets us to the same end and gets us there in a way that is more transparent, that is more understandable to external entities, and it also can use systems that are used across?

GROSS: We were looking at an approach where we were going to allow you to analyze your business and make a determination of: At what point in time does it make sense to adopt this business process here, from the Center of Excellence? And what part of that Center of Excellence do you want to utilize within your organization?

So it's not a one-size-fits-all. It does allow you, as a business owner, to decide what fits your organizational needs.

TEMIN: We've talked about what to preserve of investments that you've already made and what to let go of. Sometimes, as in the case of the FBI, they let go of $100 million-and-some just because it didn't work.

In another case, the financial system, the investment was already made, and it turned out to be a service provider for others.

So at what point can agencies feel safe in just simply letting go of sunk costs, because there is a Line-of-Business provider that might be able to do that function better, and not get zinged for it?

SINDELAR: I've been on detail to OMB since March of last year, so I'm your surrogate. But the Line-of-Business concept'again, through the enterprise architecture and the business case process'is to focus on new systems, development, modernization or enhancement to your current system, meaning your current investment. So it's not to go after mission-critical systems or even systems that are in place today that are operating fine and shutting them down.

And, in fact, there's an alignment report that is being generated as we speak that will identify where we see redundancies as related to the programs and systems that are up in place for e-gov, such as IE and others, and why those systems still need to be funded. But the focus has been on new investment money, on the Lines of Business.

HITE: With regard to your last question, that is practical reality, the fact that investments are going to be ongoing, whether you are talking about Lines of Business across the federal government, or within a department, or within an agency.

And the question about, are we, through Lines of Business, talking about establishing a common policy and a common set of procedures to be implemented across all these agencies? No, we are not, and architecture doesn't talk about doing that either.

KRZYSKO: You need high-level framework. Those physical data elements, those business rules, those how-you-report [rules], are definitive. We've been working on that for a year in the deployment of a system, a federal procurement data system.

That certainly touches and drives back through any architecture, because procurements and grants are fundamentally all integrated in the financial-management process. That architecture needs to be documented.

MARTIN: I was actually going to ask you a question about the governance. Has OMB begun thinking about how that would work or how we can play into that?

SINDELAR: Absolutely. There are still a number of skeptics out there, and rightfully so. But OMB can't always be seen as the big daddy with a big stick. What we need to do as agencies is own this and develop an effective governance structure as Randy talked about. I think one of the models right now is probably Integrated Acquisition Environment, IAE, in terms of a good governance structure in place. They are engaged and they have enforced a budget discipline.

TEMIN: Some departments and agencies worry: 'By having another agency or another agency's contract vehicle provide LOB services, will I get the attention and service? I can't send, you know, just a cure letter.' Do you trust the other agency to handle your family jewels?

CHARBO: I don't think Line of Business is all that new. You know, we've had the National Finance Center for a long time. We've used the Bureau of the Public Debt for HR functions for a while. So there have been pockets of that for quite a long time; that's out there.

There are a lot of things that we have to do, just trying to make it a bit simpler, I think it's as simple as it gets. It's a customer and a service provider. And why can't you leave them if they aren't providing the product effectively? I mean, if that's not part of the equation, then it will break.

SINDELAR: You need service-level agreements with metrics that essentially stand up as contracts between agencies. But at the end of the day, you should not care where you are getting your service from, as long as it is effective and meets the metrics.

There has to be another mechanism to address where there are issues with performance and the ability to move from a failing service provider to the new service provider. And that's one of the things that we are struggling with and addressing in the governance discussions that are ongoing.

KRZYSKO: You also have to have strong program management governance to be sure that the execution of those programs meets those critical needs, all things considered. It's not just as simple as letting a contract; you have to entertain the transitional elements of moving in DOD and moving that whole structure to common services.

SINDELAR: And OMB has said, as recently as this week, that if you have unique requirements'and small agencies do have unique requirements'where maybe the common solution doesn't meet in a cost-effective way, they need to come in and make their case and they will hear them out.

TEMIN: Linda still looks worried. Can you give us an example of what your experience has been, something that really is unique that you would still want to retain control of?

CURETON: I'm worried about the small component, the small agency that doesn't have the clout of a large department'the Homeland Security Department versus the Federal Trade Commission'and how the two would fare in making their business case to whoever that they have a legitimate, unique requirement.

And I'm thinking of a situation like that where the two CIOs may not have the clout to actually impose their will on the decision-makers. And that causes me some concern.

SINDELAR: Well, I think it comes down to the question that Tom put in the first place: trust. OMB has said their door is open if you want to come to them through the business case process. I mean, I understand your fear.

KRZYSKO: It's about showing up and understanding the requirements, because we had to deal with that. I mean, while somebody would say, 'DOD would have the big vote at the table,' you know, we have components that are very small that may have uniqueness that we have to represent and understand the requirements.

TEMIN: What kind of legislative cover for Lines of Business that doesn't exist now do we need, if in fact we do need it, to make Lines of Business happen in a meaningful, widespread, deep way?HITE: Lines of Business is good government; it's good management. You don't need to legislate good management.

CURETON: I disagree just a little. And this will sound kind of schmaltzy, but the principles that our government was founded on, the separation of powers, in and of itself suggests some redundancy and some duplication, and that to maintain balance of control.

MARTIN: Part of what has been challenging is to make one of our organizational elements a shared-service provider for others. And we've lived through a lot of pain in trying to do that. But everyone comes to the table, 22 CIOs sit around the table and some will say, 'Well, this one legislative issue won't let me do that,' or 'This one policy issue won't let me share or let this provider be my service provider,' because they find every trick in the book, every business process, risk factor, etc., to say 'It will not work.' The culture is 'I've got to stay within my own domain, manage my own data, be in control of my own destiny.'

TEMIN: And I don't mean to trivialize what Randy said, but there are a lot of things that are good that are nevertheless legislated.

HITE: Oh, absolutely. And if things aren't moving fast enough, sometimes Congress will take matters into its own hands. And part of that deliberative thinking about 'How do I best architect my enterprise' needs to recognize 'Where does it make sense that I need to seek legislative change so that I can do things better?'

WOJCIAK: I tend to agree with Randy. I think that many of the legislative tools that you need in order to give you cover [for] Lines of Business already exist in statute. So I think we need to see Lines of Business evolve before we try to develop legislation to help you all.

TEMIN: I want to get a little bit into the weeds now, here, on how Lines of Business might work.

How does it, from a management sense, work if your agency'say, your department, and then getting down to your agencies and bureaus'are all using different Lines-of-Business providers? We could really have a lot of different lines of communication going out. How would that work?

And the follow-on to that question would be: How do you make sure that your Line-of-Business provider is, in fact, technically up to date? Even though systems are only the enablers of all this, technology does change, and the changes in technology do, in fact, enable better business function.

GROSS: Let me speak to that as an advocate for e-government because it does make good business, so I would look at it just like as if you were home. You buy various services for your house: You get cable television; you get gas through the utility company; you get water through another utility company. And you pay for those services with an expectation that those services will always be there. It allows you, using your home as an analogy, to focus on those core things that you need to get done.

And I think within an organization, if I knew that my financial services, and let's use that as an example, if I'm buying that from a service provider, I'm only interested in the service. I'm not interested now in the boxes that go with it; I'm not interested in the infrastructure that is necessary to support that.

CURETON: With the Homeland Security Bill, Alcohol, Tobacco and Firearms was the only law enforcement organization in the Treasury Department that didn't go to Homeland Security. We went to the Justice Department, and we got our HR servicing from Treasury.

We were concerned that when we went to Justice, Justice wouldn't support it, that they would make us do whatever Justice did. But in hindsight, it was kind of like being afraid of the boogeyman.

We explained to DOJ what we did, why we did it, and they said, 'Hey, that's a good idea. Maybe we'll consider something like that.'

MARTIN: I think it gets to the core issue that John mentioned, which is to make sure that it's competitive. And that you have an option. Truly for some of the key services, and I think that the key is service-level agreements and having a competitive pool so that you can pick the right provider. And when the service is no longer being delivered to your satisfaction, you can do something different.

GROSS: And in that competitive environment, it forces the provider to stay current with technology and continue to look at their business as a service provider and continue to offer you service and look at ways of reducing their costs because, as a consumer, then you would have an opportunity in that environment to move to another provider if they cannot reduce the costs, if they cannot scale and meet your requirements over time.

CURETON: Well, my husband wants DirecTV and Comcast for some odd reason. So as the CIO in my house, I said, 'No.'

HAVEKOST: I'd contend that it's, in general, easier to manage a provider service because you have that single line of communication, as opposed to the complexity of managing contracts and managing people who would run an in-house service.

MARTIN: Our financial processes, our acquisition processes, how we do business as a government is very different than buying service from Comcast versus buying service from DOD. And I think that's where the fundamental conflict may come in.

If we decide tomorrow we don't want to use DOD or DOJ for a case management system, how do you get out of that agreement without a year of budget formulation activity, acquisition planning activity, which could impede your mission? And I think that's a fundamental flaw, potentially, in our thinking about this.

SINDELAR: And this is one of the things that interest us in terms of working with Congress, in terms of how we fund these various initiatives. And there's a lot of attractiveness to the franchise-type funding, a working capital fund.

Again, there's questions as to accountability when you enter that, but to me, that's developing the right metrics, having the right level of oversight and the right amount of accountability related to that service center that can address those concerns.

But one of the things that we are entertaining now is the ability to have whatever that reserve is in these Lines of Business. The capability, if you are failing from a performance standpoint, that that service center with a due-diligence process would fund the transition of that client to another service center.

MARTIN: After meeting certain criteria to ensure ...

SINDELAR: Oh, right, absolutely.

KRZYSKO: Now, the dialogue is moving across a broader spectrum at an enterprise level and on an operational level. And we've got to decide that we're going to take on the enterprise level, not the operational level.

And I think we have a duty to ensure competition in this environment. We've got to settle on those touch points, adaptive strategies, key processes where we can get in and out in a shared-service-provider environment very quickly.

SINDELAR: There is no intent to go to one provider in any of these Lines of Business.

TEMIN: Getting back to the second part of the original question here, which is tech refresh, we try to put IT in a box and then forget about it; it's just a cloud. In fact, it's more than a cloud because it really does affect whether a service provider is state-of-the-art and whether your applications are state-of-the-art, which in turn affects whether your processes are state-of-the-art.

WOJCIAK: I would say from an oversight standpoint, we would expect agencies to be utilizing competitive and innovative acquisition models that would allow them, if they have one service provider, to quickly transition to another if there isn't refresh occurring and it isn't an adaptable model.

And I think GSA's Networx Program is a good example of that. If it's done right, you are going to have two-level contracts that offer a range of providers to agencies. And if the agencies are managing their telecom and technology needs effectively, they're going to be able to look at a rapidly adaptable acquisition model and new services being offered on that model frequently by the providers who are competing against one another, and evaluate their choices consistently over the life of the acquisition.

KRZYSKO: Once we get clarity, whether it would be in an enterprise architecture or in the technology infrastructure, we can architect around what our pipes are very quickly in service-oriented architectures.

MARTIN: But the key to that is having at least a stable network environment, where your infrastructure will allow you to plug and play. And that is essential. And without that being built, not one of these applications will work. And the other key element which gets to the service-oriented architecture discussion is having a shared or common data model for our business functions. So a large part of that is, 'What is the data that we need for a common case management system, or the financial management system as well?' So I think data, and the integration of the data layer above and beyond the infrastructure base, is key to any of these apps.

And I see them all as business applications, but to see them work and work interchangeably where you can plug and play. If the service provider is not meeting your needs, you can pull it out. But there are interface controls that are clearly defined as you plug them in. So I think that's essential.

SINDELAR: Using the data reference model in the enterprise architecture ...

MARTIN: Absolutely.

HAVEKOST: We're past the era when a monolithic system has to be bulldozed out the back door and replaced with another monolith. The service-oriented architecture gives us a way to modularize this and to some extent pick the services.

WOJCIAK: At the Hill level, we see a tremendous amount of talk about information sharing. And one of the concerns we see is a lot of departments are coming up and saying, 'We need information sharing for our department.' But then, it's secured and classified within the department, so we don't share outside the department.

[Rep. Tom Davis] has been strongly advocating that OMB take responsibility for information sharing and focus, as it has in the past, and move forward with that. So we would encourage that information sharing be a Line of Business and OMB must be at the table as you go to an information-sharing environment because they are, quite frankly, the only agency out there that can force other departments to understand that they cannot try to keep information internally held any longer.